﻿<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<?php
// Wrap the Referer header, when present and non-empty, in a one-element list
// so it can be screened by the same key/value loop as the other request sources.
$referer=array();
if (!empty($_SERVER['HTTP_REFERER'])) {
	$referer[]=$_SERVER['HTTP_REFERER'];
}
/**
 * Error callback for set_error_handler(): writes the error number, line and
 * file to the response as HTML, then terminates the request.
 *
 * NOTE(review): the output sends the server-side file path and line number to
 * the client. In production that detail is better written to the server log
 * (error_log()) with a generic message shown to the visitor.
 *
 * @param int    $errno   Error level passed by PHP.
 * @param string $errstr  Error message (not used in the output).
 * @param string $errfile File in which the error was raised.
 * @param int    $errline Line on which the error was raised.
 */
function customError($errno, $errstr, $errfile, $errline)
{
	$message = "<b>Error number:</b> [$errno],error on line $errline in $errfile<br />";
	echo $message;
	exit();
}
// Register customError() for the E_ERROR level only.
// NOTE(review): per the PHP manual, E_ERROR cannot be handled by a user-defined
// handler, so this registration likely never fires — confirm the intended level.
set_error_handler("customError",E_ERROR);
// Deny-list patterns, one per request source. StopAttack() wraps each one as
// "/<pattern>/is" (case-insensitive, "." also matches newlines) and tests both
// the parameter value and the parameter name against it.
// These patterns are a coarse first screen only: code that later uses the same
// inputs still needs parameterized queries and context-aware output escaping.
//
// $getfilter (used for $_GET and the Referer header): a single quote, the words
// alert/confirm/prompt, any <...> tag, "+/v8" or "+/v9" at the very start of the
// subject (presumably the UTF-7 byte-order marks), and/or followed by a
// comparison, /* ... */ comments, "<script", EXEC, and common SQL statement shapes.
$getfilter="'|\b(alert|confirm|prompt)\b|<[^>]*?>|^\\+\/v(8|9)|\\b(and|or)\\b.+?(>|<|=|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
// $postfilter (used for $_POST): no bare-quote or generic-tag alternatives, so
// ordinary form text passes; and/or must be followed by a comparison within
// 1-6 characters; adds "<img" next to "<script".
$postfilter="^\\+\/v(8|9)|\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|<\\s*img\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
// $cookiefilter (used for $_COOKIE): same as $postfilter without the "+/v8|9"
// prefix check and without "<img".
$cookiefilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
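/**
 * Reject the request when a parameter's value or name matches a deny-list pattern.
 *
 * The value is flattened with arr_foreach() (an array becomes one concatenated
 * string); the value and then the key are each tested against "/<pattern>/is".
 * On a hit the block page is printed and the script exits.
 *
 * preg_match() returns 1 on a match, 0 on no match and false when PCRE reports
 * an error (see preg_last_error()). The earlier "== 1" comparison treated an
 * error as "no match" and let the request continue. This version fails closed:
 * anything other than a clean 0 is blocked.
 *
 * @param string|int   $StrFiltKey   Parameter name.
 * @param string|array $StrFiltValue Parameter value (an array for name[]=... input).
 * @param string       $ArrFiltReq   Pattern body, without delimiters or flags.
 * @return void Returns only when neither subject matched.
 */
function StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq){
	$pattern="/".$ArrFiltReq."/is";
	// Same order as before: the flattened value first, then the parameter name.
	$subjects=array(arr_foreach($StrFiltValue),$StrFiltKey);
	foreach ($subjects as $subject) {
		$result=preg_match($pattern,(string)$subject);
		if ($result!==0) {
			// Audit logging through slog() is disabled here. If it is re-enabled,
			// HTML-escape the key and value first: slog() appends raw text to an
			// .htm file under the document root.
			print "<div style=\"position:fixed;top:0px;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;\"><br>您的提交带有不合法参数,谢谢合作!<br><br>了解更多请点击:<a href=\"http://webscan.360.cn\">360网站安全检测</a></div>";
			exit();
		}
	}
}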
//$ArrPGC=array_merge($_GET,$_POST,$_COOKIE);
// Screen each request source in a fixed order: query string, POST body,
// cookies, then the Referer header (which reuses the GET pattern).
// StopAttack() ends the request on the first hit, so later sources are not
// reached once something matches.
// NOTE(review): only these four sources are screened; any other request-derived
// value the application reads is outside this pass.
$scanPlan=array(
	array($_GET,$getfilter),
	array($_POST,$postfilter),
	array($_COOKIE,$cookiefilter),
	array($referer,$getfilter),
);
foreach ($scanPlan as $scan) {
	foreach ($scan[0] as $key=>$value) {
		StopAttack($key,$value,$scan[1]);
	}
}

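/**
 * Append one line (terminated with CRLF) to log.htm under the document root.
 *
 * Logging is best-effort: if the file cannot be opened the entry is dropped
 * instead of passing false to fputs()/fclose(), which raises a TypeError on
 * PHP 8 and would abort the request.
 *
 * NOTE(review): the target is an .htm file inside the web root and $logs is
 * written verbatim. Any request-derived text in $logs will be rendered as HTML
 * by whoever opens the log, and the file may be retrievable by URL unless the
 * server denies it. Callers should pass request data through
 * htmlspecialchars(); keeping the log outside the document root is preferable.
 *
 * @param string $logs Text to append.
 * @return void
 */
function slog($logs)
{
	$toppath=$_SERVER["DOCUMENT_ROOT"]."/log.htm";
	$Ts=fopen($toppath,"a+");
	if ($Ts===false) {
		// Could not open the log (missing directory, permissions): skip the entry.
		return;
	}
	fputs($Ts,$logs."\r\n");
	fclose($Ts);
}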
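/**
 * Flatten a request value into a single string for pattern matching.
 *
 * A non-array value is returned unchanged. For an array, every leaf value is
 * concatenated depth-first, in iteration order, with no separator.
 *
 * The previous version collected leaves in a `static` array. That array kept
 * its contents between calls, so each array-valued parameter was tested
 * together with the values of every earlier one (which also moved the start of
 * the subject that "^"-anchored alternatives rely on), and an empty array
 * reached implode() with null. The accumulator is now local to each call.
 *
 * NOTE(review): only values are collected. Keys of nested arrays are not part
 * of the returned string, so the caller's pattern test never sees them; append
 * $key here as well if nested parameter names should be screened too.
 *
 * @param mixed $arr Scalar or (possibly nested) array from the request.
 * @return mixed The input itself when it is not an array, otherwise a string.
 */
function arr_foreach($arr) {
	if (!is_array($arr)) {
		return $arr;
	}
	$str='';
	foreach ($arr as $val) {
		// Recursion returns the leaf itself or the flattened sub-array.
		$str.=arr_foreach($val);
	}
	return $str;
}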

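// Normalise $post: trim it, strip HTML/PHP tags, then remove tabs, line breaks,
// spaces and single quotes.
// NOTE(review): where $post is set and how it is used afterwards is not visible
// here. This stripping is not a substitute for parameterized queries or for
// escaping at the point of output.
$post = isset($post) ? $post : '';
$post = trim($post);
$post = strip_tags($post,"");
// ereg_replace() was removed in PHP 7.0. Every pattern used here was a literal
// character sequence, so str_replace() with the same removal order is equivalent.
$post = str_replace(array("\t","\r\n","\r","\n"," ","'"),"",$post);

// Page title: use $specialTitle when it is set, otherwise the site default.
// NOTE(review): $title is echoed without escaping inside <title> further down
// this template. If $specialTitle can carry request data it needs
// htmlspecialchars() where it is output — confirm where it is set.
$title = isset($specialTitle) ? $specialTitle : '';
if (empty($title)){
	$title = '大户教你怎么炒股';
}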
?>      
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<meta http-equiv="content-type" content="text/html; charset=UTF-8">
		<meta charset="utf-8">
		<title>【<?php echo $title; ?>】- 股大户官网</title>
		<meta name="keywords" content="股大户, 怎么炒股，炒股入门, 网上炒股必读, 基金重仓股, 牛散动向, 成交回报">
		<meta name="description" content="股大户倡导的是一种全新的投资理念, 即通过跟踪分析季报年报中, 基金保险等机构重仓股的变化, 一些知名牛散的动向, 来挖掘中长线的投资机会。对于新手而言, 放弃短线频繁交易, 追随大户挖掘出来的中长线的价值, 炒股怎么入门这个问题也就迎刃而解了。">
    <link href="css/index.css" rel="stylesheet" type="text/css"/>
    <script src="js/jquery.js" type="text/javascript"></script>     
	</head>
	
	<body>
		<div class="page-wrap">
			<!-- 页头 -->
			<div id="hd">
				<div class="has-layout">
					<div id="hd-inner">
						<!-- 左侧导航 -->
						<div id="hd-nav">
							<span id="hd-nav-tabs">
								<a href="http://www.gudahu.com" target="_self">
									股大户
								</a>
							</span>
						</div>
						
						<!-- 右侧导航 -->
						<div id="hd-tools">
							<a class="item-tab" id="shMainBoard" href="http://www.gudahu.com/stockList.php" target="_self">股票列表</a>
							<span class="hd-tools-sep">|</span>
							<a class="item-tab" id="shMainBoard" href="http://www.gudahu.com/quote.php" target="_self">最新行情</a>
							<span class="hd-tools-sep">|</span>								
							<a class="item-tab" id="shMainBoard" href="http://www.gudahu.com/RsiToperList.php" target="_self">一周强势股</a>
							<span class="hd-tools-sep">|</span>
							<a class="item-tab" id="shMainBoard" href="http://www.gudahu.com/topOrg.php" target="_self">机构列表</a>
							<span class="hd-tools-sep">|</span>							
							<a class="item-tab" id="shMainBoard" href="http://www.gudahu.com/ShebaoList.php" target="_self">社保基金</a>	
							<span class="hd-tools-sep">|</span>
							<a class="item-tab" id="shMainBoard" href="http://www.gudahu.com/topNaturePerson.php" target="_self">牛散列表</a>													
						</div>
					</div>
				</div>
			</div>